Skip to main content

Configure Okta OpenId Connect (OIDC)

Okta's OpenID Connect (OIDC) is an authentication protocol that sits on top of the OAuth 2.0 framework, strengthening the predictability and security of connections with third-party applications. You can configure Okta OIDC as your preferred authentication method in your Tonkean board, enabling Okta SSO as the sole sign-in method for your organization.

Tonkean currently supports service provider-initiated authentication (SSO) flow only.


  • You must have a Tonkean enterprise license and be authorized as an enterprise owner.

  • You must have the relevant Tonkean Okta application configured for OIDC.

Set Okta as the Preferred Authentication

  1. In Tonkean, select your profile icon in the upper right.

  2. Select the <Enterprise Name> Administration in the dropdown. The Enterprise Administration screen displays.

  3. Locate the Preferred authentication method section and select No restrictions.

  4. Select Authenticate with, then select Okta from the dropdown. Okta authentication fields display.

  5. Enter the Okta environment URL for your organization, as well as the Client ID and Client Secret, all retrieved from your Okta application.

  6. When finished, select Save. The Okta authentication fields close.

Sign in Using Okta SSO

After setting Okta as the preferred authentication method for your organization, all users at your organization must select the Okta SSO option on the Tonkean Sign In screen:

  1. Select Okta. The Okta domain field displays.

  2. Enter the domain for your organization and select the Enter key. The Okta Login window displays.

  3. Enter your Okta login credentials and sign in to Tonkean.